CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54607 matches found

EUVD•added 2026/05/27 8:30 a.m.•10 views

EUVD-2024-55598

Incorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors...

2.7CVSS5.8AI score0.00249EPSS

Exploits0References1

Cvelist•added 2026/05/27 8:30 a.m.•30 views

CVE-2024-47272

2.7CVSS0.00249EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 8:30 a.m.•7 views

CVE-2024-47272

2.7CVSS5.8AI score0.00249EPSS

Exploits0References1

Microsoft CVE•added 2026/05/27 8:18 a.m.•15 views

NGINX ngx_http_rewrite_module vulnerability

...

9.2CVSS5.8AI score0.014EPSS

Exploits3

SUSE Linux•added 2026/05/27 7:56 a.m.•13 views

Security update for postgresql14

This update for postgresql14 fixes the following issues Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against malicious time zone names...

8.8CVSS6AI score0.00471EPSS

Exploits0References36

EUVD•added 2026/05/27 7:54 a.m.•7 views

EUVD-2026-32159

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

7CVSS6AI score0.00295EPSS

Exploits0References1

RedHat Linux•added 2026/05/27 5:41 a.m.•14 views

kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...

7.8CVSS5.8AI score0.00153EPSS

Exploits0References5

RedHat Linux•added 2026/05/27 5:41 a.m.•15 views

kernel: proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

7.8CVSS5.8AI score0.00171EPSS

Exploits0References5

UbuntuCve•added 2026/05/27 4:16 a.m.•11 views

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

7.5CVSS5.7AI score0.00393EPSS

Exploits0References5

OSV•added 2026/05/27 4:16 a.m.•4 views

UBUNTU-CVE-2026-48959

7.5CVSS5.7AI score0.00393EPSS

Exploits0References6

SUSE CVE•added 2026/05/27 4:13 a.m.•6 views

SUSE CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8CVSS5.8AI score0.0011EPSS

Exploits0References3

EUVD•added 2026/05/27 3:12 a.m.•8 views

EUVD-2026-32048

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...

7.3CVSS6.2AI score0.00316EPSS

Exploits2References2

Cvelist•added 2026/05/27 3:12 a.m.•32 views

CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

0.00316EPSS

Exploits2References2

Debian CVE•added 2026/05/27 3:12 a.m.•7 views

CVE-2026-48962

7.3CVSS6.2AI score0.00316EPSS

Exploits2

Vulnrichment•added 2026/05/27 2:29 a.m.•10 views

CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward

5.7AI score0.00393EPSS

Exploits0References2

Debian CVE•added 2026/05/27 2:29 a.m.•14 views

CVE-2026-48959

7.5CVSS5.7AI score0.00393EPSS

Exploits0

Cvelist•added 2026/05/27 2:25 a.m.•29 views

CVE-2025-15649 IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

0.00128EPSS

Exploits0References3

ATTACKERKB•added 2026/05/27 2:25 a.m.•8 views

CVE-2025-15649

5.8AI score0.00128EPSS

Exploits0References4

EUVD•added 2026/05/27 2:25 a.m.•5 views

EUVD-2025-209949

5.8AI score0.00128EPSS

Exploits0References3

CVE•added 2026/05/27 1:19 a.m.•13 views

CVE-2026-9207

CVE-2026-9207 involves Tanium Connect on Windows, where a Command Injection flaw in the Tanium Module Server enables unauthorized code execution and privilege escalation. The CVSSv3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH). No remediation details or patch v...

8.8CVSS6.2AI score0.00383EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by